RusticiSoftware / TinCanJava

Tin Can Java Library
http://rusticisoftware.github.io/TinCanJava/
Apache License 2.0

Dependency updates and OWASP plugin #63

Closed mikemcgowan closed 2 years ago

mikemcgowan commented 2 years ago

Updated dependencies highlighted by the OWASP plugin as vulnerable (and added the OWASP plugin itself).

The dependency check report at target/dependency-check-report.html now shows there are zero vulnerable dependencies.

brianjmiller commented 2 years ago

I had to add the following disable configuration to get it to pass locally, presumably because of something I have installed to support .NET:

            <configuration>
                <!-- Disable .NET checks -->
                <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
                <nugetconfAnalyzerEnabled>false</nugetconfAnalyzerEnabled>
                <nuspecAnalyzerEnabled>false</nuspecAnalyzerEnabled>
            </configuration>

So I'll be adding that to the mainline branch; let me know if you think there is an issue with any of these checks being disabled for this project.
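Added example (not part of the thread and not the project's code): one way to judge whether disabling the three analyzers above drops any coverage is to look for the file types they inspect. The extension mapping follows the dependency-check analyzer documentation; the function names and the assumption that everything to be scanned sits under one directory are hypothetical.

```python
import os
import zipfile

# File types each disabled analyzer inspects (per the dependency-check
# analyzer documentation); keys are the pom.xml settings from the comment.
ANALYZER_TARGETS = {
    "assemblyAnalyzerEnabled": lambda n: n.endswith((".dll", ".exe")),
    "nugetconfAnalyzerEnabled": lambda n: n == "packages.config",
    "nuspecAnalyzerEnabled": lambda n: n.endswith(".nuspec"),
}
ARCHIVES = (".jar", ".war", ".ear", ".zip")


def _classify(path, hits):
    # Match on the lower-cased base name, for plain files and archive entries.
    name = path.replace("\\", "/").rsplit("/", 1)[-1].lower()
    for setting, matches in ANALYZER_TARGETS.items():
        if matches(name):
            hits[setting].append(path)


def find_dotnet_artifacts(root):
    """Return {setting: [paths]} for files the disabled analyzers would read.

    Assumption: everything dependency-check scans is under `root` (for
    example a directory of copied dependencies). Archives are opened one
    level deep; nested archives are not unpacked.
    """
    hits = {setting: [] for setting in ANALYZER_TARGETS}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            _classify(full, hits)
            if fname.lower().endswith(ARCHIVES) and zipfile.is_zipfile(full):
                with zipfile.ZipFile(full) as zf:
                    for entry in zf.namelist():
                        if not entry.endswith("/"):  # skip directory entries
                            _classify(full + "!/" + entry, hits)
    return hits


def safe_to_disable(root):
    """True when no file under `root` is in scope of the three analyzers."""
    return not any(find_dotnet_artifacts(root).values())
```

A `.dll` found inside a jar is often a native library rather than a .NET assembly, so treat each hit as something to review, not as proof that an analyzer is needed.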

brianjmiller commented 2 years ago

Released in 1.1.2. See https://github.com/RusticiSoftware/TinCanJava/releases/tag/tincan-1.1.2